ASP.NET SSL Authentication Ticket Security? -

-

I want to use SSL on the login form so that user and password can be encrypted during user login.

However, after authenticating the user, if I come back to HTTP, then upon each request, the ottonation cookie will be sent from the customer to the server. How safe is it? Obviously I would use SSL on pages where the user is entering sensitive information, but for most reasons, I would just like to be certified and use HTTP.

Please note that if I set RequiresSSL = "true" to configure in WebRes, then I can not use the authentication cookie if I use HTTP then I do not recognize the current user can.

I think my question is:

" This is a poor practice for setting RequiresSSL =" false "and the HTTP authentication cookie from http Is allowed to pass?

If you set protection = "all" If the form authentication cookie is encrypted and your server is checked with the key of the machine, it is not particularly bad to drop back on HTTP bad


Comments

Post a Comment

Popular posts from this blog

php - multilevel menu with multilevel array -

-
Just ask someone to solve this problem? I want to create a multilevel menu I can not find the right solution generated with multilevel array, it always gets an array_push error My study came from the original idea But still my Can not match the need. This is my MySQL [code] ----- --------------------- --------------- | ID | PARENT_ID | Name | Link | Seq | 1 | 0 | Dashboad | Dashboard / | 1 | 2 | 0 | Menu 1 | Menu 1 / | 2 | 3 | 0 | Menu 2 | Menu 2 / | 3 | 4 | 0 | Menu 3 | Menu 3 / | 4 | 5 | 2 | Joint Add / | 1 | 6 | 3 | Joint Add / | 1 | 7 | 2 | Edit | Edit / | 2 | 8 | 4 | Joint Add / | 1 ------------------------------------------ [/ Code] I want to do something like this in my array array ('dashboard' = & gt; array ('id' = & gt; '' 'Dame' = & gt; 'Dashboard', 'Title' = & gt; 'Dashboard', 'MatchMin' = & gt; Base_URL (). 'Dashboard /', 'Active' => = & Gt; NULL), ...
Read more

c# - TypeConverter in propertygrid only converts from string, not to -

-
When the property grid is reached, only the conversion mechanism (often called) is called "Foo!" Returns the property string in the grid when I click to edit I get an exception Type.oo. Object type can not be changed to type. (Not properly translated,) What is a clue from the convert format, why not? And the error indicates that it is trying to convert to a string, not from. I think that when I want to edit this object, it will have to be converted from foo to string, and when the editing ends. Public class FooTypeConverter: StringConverter {public override object ConvertFrom (ITypeDescriptorContext Reference, CultureInfo Culture, Object Value) {New Foo (string) value); } Convert the public override object (Type the ITE DiskText Contact Reference, CultureInfo Culture, Object Value, Type Type) {Return "Foo!"; } Public override bool CanConvertFrom (ITypeDescriptorContext reference, type source type) {back true; } Public Override Bull CanConvertTo (ITypeDescrip...
Read more

jQuery UI: Datepicker month format -

-
I am trying to change the format of the month that shows in the popup (not in the date that the picker actually I do not have any choice anywhere to do this, do I like to use a sub-string () or something else? What I normally display is Trying to change: Class = "ui-datepicker-title"> January & lt; / span & gt; ... & lt; / div & gt; Div>
Read more